June 29, 2017 | Industry Insights, Shipping

Latest Ransomware Attack Hits Shipping Industry

Share This:

In May, the WannaCry global ransomware attack targeted computers worldwide running Microsoft’s Window operating system by encrypting data and demanding ransom payments. WannaCry brought computer systems from Russia to China to the U.K. and the U.S. to their knees, locking people out of their data and demanding they pay a ransom or lose everything. More than 200,000 computers in 150 countries were affected. Now ransomware virus Petya has hit companies worldwide, including shipping giant A.P. Moller-Maersk, which handles one out of seven containers shipped globally.

The Petya cyber attack caused outages at Maersk’s computer systems across the world, including at its APM Terminals, preventing new bookings from taking place or providing quotes at affected terminals. Within hours, Maersk, however, was able to accept cargo bookings through its third-party platform, INNTRA, for existing accounts, though booking confirmations are taking longer than usual. “We are still working on resuming normal operation,” the company announced via Twitter.

The cyber-attack shut down a number of Maersk’s IT systems including those it uses to communicate with its customers and business partners. According to Seatrade Maritime News, reports from New Zealand indicated the line was using handwritten communication with ports as well as G-mail accounts with customers.

In the United States, the supply chain fallout from the Petya attack has been significant. APM Terminals’ operations in Mobile, Alabama, according to Splash24/7, for example, have been loading and unloading containers in manual mode without the use of a computerized system. In New Jersey, APM Terminals’ gate operations in Port Elizabeth were shuttered.

The full scale of the Petya cyber attack on Maersk globally remains unclear. “We continue to assess the situation. Until this analysis is complete, we cannot be specific about how many sites and locations are affected or when normal business operations are restored. The aggregate impact on our business is being assessed,” Maersk said.

In addition, the Petya cyber attack, according to Seatrade Maritime News, also affected Maersk’s logistics arm Damco. “Damco has limited access to certain systems. A business continuity plan has been deployed with a key focus on protecting customers’ cargo flows,” the company said.

This type of attack quite evidently has a domino effect on the entire supply chain. Just one weak link opens up everyone to potential attacks and subsequent delays. Coordinating ship arrivals, unloading containers and then scheduling storage and trucks to move products out of ports requires a high degree of coordination and efficiency. A big bottleneck in a single port can reverberate widely and quickly.

What is ransomware?

Ransomware is a type of malware that essentially takes over a computer and prevents users from accessing data on it until a ransom is paid. The average ransom amount is $300 to $500 per computer, and the favored payment is bitcoin. In most cases, the software infects computers through links or attachments in malicious messages known as phishing emails. The software usually is hidden within links or attachments in emails. Once the user clicks on the link or opens the document, the computer is infected and the software takes over.

Although ransomware has been around for years, these latest global attacks are much more insidious. Both WannaCry and Petya borrowed leaked National Security Agency code that permits software to spread quickly within an organization’s network.

To minimize the potential of a ransomware attack, there are several cyber security steps you can take including:

  • Look for malicious email messages that often masquerade as emails from companies or people you regularly interact with online. Avoid clicking on links or opening attachments in those messages, since they could unleash malware.
  • Regularly back up data. There are a ton of options here, from backing up to cloud providers to local storage devices or even network attached drives, but each comes with a certain level of risk. It’s imperative to remove the external storage device once a backup has been taken so that if ransomware does infect the computer, it won’t be able to touch the backup.
  • Ensure that security updates are installed on your computers as soon as they are released. Up-to-date backups make it possible to restore files without paying a ransom. WannaCry and Petya attack exploited vulnerabilities in some versions of Microsoft Windows. Microsoft has released software patches for the security holes, but not everyone has installed those updates. The new malware, however, appears to have a back-up spreading mechanism, so that even if some computers were patched, they can still be hit if one or more machines in a particularly network wasn’t patched.
  • Download protection programs that not only fight attacks, but also notify you when there is a threat to your computer. These programs include firewalls, anti-virus programs and other protective software. They can alert you if a malware is trying to encrypt your files and what they are doing to stop it.

Be sure to have a business continuity plan in place so that you can get your operations running as smoothly as possible as quickly as possible. In addition, be sure to carry Cyber Liability insurance, which can be designed to include cyber extortion coverage in the event of a ransomware attack. Roanoke Trade, which specializes in serving the insurance needs of transportation and logistics providers, is available to discuss how Cyber insurance works and the various coverages available in the policy. Please contact one of our Roanoke Trade professionals at 1-800-ROANOKE (800-762-6653) for more information.

Share This:

Related


Guarding Against Fictitious Pickups and Cargo Theft: Tips and Training

Fictitious pickups are increasing in North America. In the US, the percentage of cargo thefts due to fictitious pickup rose from 1% in 2022 to 17% in 2023. Strategic theft patterns are also rising, where thieves use identity theft and fraud with fictitious pickup and brokering schemes to obtain loads from freight locations. Combatting this […]

Cargo Insurance, Industry Insights

Roanoke Introduces New Client Experience Department!

Roanoke Insurance Group is excited to announce the formation of our Client Experience department. This new department will be led by Amanda Barlow, who has served our clients in a variety of capacities throughout her tenure at Roanoke. Most recently as the Regional Vice President of our Western region. Roanoke’s Kylie Reinert will join Amanda […]

Industry Insights

Leadership Excellence: Karen Rzeszutko Represents Roanoke on USCIB Board

We are excited to share that Karen Rzeszutko, President of Roanoke Insurance Group Inc. has been appointed to the Board of Directors of the United States Council for International Business (USCIB) for the 2024-2026 term. This appointment recognizes Karen’s outstanding leadership and her significant contributions to the industry. The USCIB, a prominent organization dedicated to […]

Corporate Communiqué, Industry Insights

Roanoke is the leading provider of insurance and surety solutions for transportation and logistics providers. In fact, we are recognized as the most reliable source for U.S. customs bonds.

Contact

If you have any questions or need help, feel free to contact with our team.

800-762-6653

US CORPORATE HEADQUARTERS

1501 E. Woodfield Road

Suite 400W

Schaumburg, IL 60173


CANADA CORPORATE HEADQUARTERS

390 Bay Street

Munich Re Centre, 22nd Floor

Toronto, ON M5H 2Y2

Solutions that Go the Distance.

© 2024 Roanoke Insurance Group Inc. A Munich Re company

Better Business Bureau logoCoverholder at Lloyd's logo